Tags: linux, apache, centos7, portforwarding, certbot

"Timeout during connect (likely firewall problem)" while renewing Certbot


I am facing the following error when I try to renew my SSL certificate using

    certbot renew

    Challenge failed for domain ***********.com
    Some challenges have failed.
    The following errors were reported by the server:

    Domain: arjunbroker.com
    Type: connection
    Detail: Fetching http://arjunbroker.com/.well-known/acme-challenge/F9nlyrRQBpJGOpPLHGPCj1vzdJOd_rBISU7q2aX7t_o: Timeout during connect (likely firewall problem)

I have checked UFW and firewalld, and both ports 80 and 443 are open.


Solution

  • I finally realised that prior to installing SSL on this server, I used to forward port 80 to port 8080 using

     sudo /sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
    

    So I simply forwarded port 80 back to port 80.

    Lesson learnt: for Certbot to work, port 80 forwarding should be in place.
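
A check for the situation this answer describes, added here as an example and not part of the original post: it scans nat PREROUTING rules for a REDIRECT or DNAT that moves inbound port 80 somewhere else, which can be present even when UFW and firewalld list the port as open. The function name and the sample rules are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag nat PREROUTING rules that send inbound port 80 elsewhere.

# Reads rules in `iptables -S` format on stdin and prints every REDIRECT/DNAT
# rule whose --dport/--dports value covers port 80 (single port, comma list,
# or lo:hi range). Rules that name no port at all are not flagged.
# Exit status: 0 if at least one such rule was found, 1 otherwise.
find_port80_redirects() {
  awk '
    {
      target = ""; ports = ""
      for (i = 1; i < NF; i++) {
        if ($i == "-j") target = $(i + 1)
        if ($i == "--dport" || $i == "--dports") ports = $(i + 1)
      }
      if (target != "REDIRECT" && target != "DNAT") next
      n = split(ports, list, ",")
      for (k = 1; k <= n; k++) {
        m = split(list[k], r, ":")
        lo = r[1] + 0
        hi = (m == 2 ? r[2] : r[1]) + 0
        if (lo <= 80 && 80 <= hi) { print; found = 1; break }
      }
    }
    END { exit(found ? 0 : 1) }
  '
}

# Constructed sample rules (not taken from a real host): the redirect from the
# answer above, plus two unrelated rules that must not be reported.
SAMPLE_RULES='-P PREROUTING ACCEPT
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -p tcp -m tcp --dport 2222 -j REDIRECT --to-ports 22
-A PREROUTING -p tcp -m multiport --dports 443,8443 -j DNAT --to-destination 10.0.0.5'

# On a live host (as root): iptables -t nat -S PREROUTING | find_port80_redirects
if hits=$(printf '%s\n' "$SAMPLE_RULES" | find_port80_redirects); then
  printf 'port 80 is redirected by:\n%s\n' "$hits"
else
  echo 'no nat PREROUTING rule touches port 80'
fi
```

Any rule it reports on a real host is worth reviewing before the next `certbot renew`, since the HTTP-01 challenge in the error above is fetched over port 80.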